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Description 

FIELD OF THE INVENTION 

[0001] This invention relates to a method for manag- 
ing a transaction via a communications path between a 
terminal device and a serving node and a data network 
according to claim 1 . 

RELATED PRIOR ART 

[0002] According to document EP-A-0 813 325, pub- 
lished 17-12-1997, a method for performing a transac- 
tion that is initiated over an open communication net- 
work between a user and a remotely located server is 
proposed. According to this proposed method secure 
transactions can be performed, wherein a communica- 
tion between the World Wide Web and a computer is 
suspended. This proposed method comprises the steps 
of: 

establishing an initial communications path via a 
first connection between a terminal device and a 
serving node in a first data network, 
receiving information from the serving node in the 
first data network for effecting a reconfiguration of 
the communications path for said transaction from 
the first connection in the first data network to a sec- 
ond connection in a second data network. 

BACKGROUND OF THE INVENTION 

[0003] With the increasing popularity of personal 
computers over the last several years has come a strik- 
ing growth in transaction-oriented computer-to-compu- 
ter communications (as opposed to bulk-data transfers 
among such computers). For convenience herein such 
transaction-oriented computer-to-computer communi- 
cations will be described by the shorthand term informa- 
tion transaction. That growth in the use of computers for 
such information transactions has unquestionably been 
fueled by the existence of an international infrastructure 
for implementing such data communications, known as 
the Internet. And, driven by the burgeoning demand for 
such information transaction services, the Internet has 
itself experienced explosive growth in the amount of traf- 
fic handled. 

[0004] At least partly in response to that demand, a 
new level of accessibility to various information sources 
has recently been introduced to the Internet, known as 
the World Wide Web (WWW). The WWW allows a user 
to access a universe of information which combines text, 
audio, graphics and animation within a hypermedia doc- 
ument. Links are contained within a WWW document 
which allow simple and rapid access to related docu- 
ments. Using a system known as the HyperText Markup 
Language ("HTML"), pages of information in the WWW 
contain pointers to other pages, those pointers typically 



being a key word (commonly known as a hyperlink 
word). When a user selects one of those key words, a 
hyperlink is created to another information layer (which 
may be in the same, or a different information server), 
5 where typically additional detail related to that key word 
will be found. 

[0005] In order to facilitate implementation of the 
WWW on the Internet, new software tools have been 
developed for user terminals, usually known as Web 
10 Browsers, which provide a user with a graphical user 
interface means for accessing information on the Web, 
and navigating among information layers therein. A 
commonly used such Web Browser is that provided by 
Netscape. 

15 [0006] The substantial growth in the use of computer 
networks, and particularly the WWW, for such informa- 
tion transactions, has predictably led to significant com- 
mercialization of this communications medium. For ex- 
ample, with the WWW, a user is not only able to access 

20 numerous information sources, some public and some 
commercial, but is also able to access catalogs of mer- 
chandise, where individual items from such a catalog 
can be identified and ordered, and is able to carry out a 
number of banking and other financial transactions. As 

25 will be obvious, such commercial transactions wilt typi- 
cally involve sensitive and proprietary information, such 
as credit card numbers, and financial information of a 
user. Thus, with the growth of commercial activity in the 
Internet, has also come a heightened concern with se- 

30 curity. 

[0007] it is well known that there arc persons with a 
high level of skill in the computer arts, commonly known 
as "hackers", who have both the ability and the will to 
intercept communications via the Internet. Such per- 

35 sons are thereby able to gain unauthorized access to 
various sensitive user information, potentially compro- 
mising or misappropriating such information. 
[0008] The vulnerability of such sensitive user infor- 
mation to misuse when so transmitted via the Internet 

40 is a phenomenon, which has only recently received wide 
public attention. Unless such security concerns can be 
quickly addressed and alleviated, the commercial de- 
velopment of this new communications medium may be 
slowed or even stalled altogether. 

45 

SUMMARY OF THE INVENTION 

[0009] Accordingly, it is an object of the present inven- 
tion to provide an acceptable level of security for sensi- 
50 tive or proprietary information associated with informa- 
tion transactions in a public network, such as the Inter- 
net. 

[0010] According to the present invention this object 
is solved by the features of claim 1 . 
55 [001 1] Improved embodiments of the inventive meth- 
od result from the subclaims 2 to 5. 
[0012] According to the present invention an on-line 
information transaction is bifurcated between a gener- 
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alized information access portion of such a transaction 
and an exchange of sensitive user information. With 
such a bifurcation, the generalized information access 
portion of the transaction which generally would consti- 
tute the more substantial (in terms of network resources) 5 
portion of the transaction would be handled via a non- 
secure network, usually a public network such as the 
Internet. The portion of the transaction involving sensi- 
tive user information, on the other hand, would be han- 
dled by a separate secure connection, such as a private 
network, or intranetwork. An important characteristic of 
this bifurcation arrangement is the provision of a means 
for automated reconfiguration of a user terminal as be- 
tween accessing the generalized information via the 
non-secure network and access to the secure commu- 
nications network for the exchange of sensitive user in- 
formation. Such an automated reconfiguration will be 
carried out without the necessity for any action on the 
part of the user, and indeed will be largely invisible to 
the user. In a further embodiment of the invention, a 
transfer of data is provided from a public to a private 
network, wherein data selected by a user from a public 
network site may be arranged and displayed at a user 
terminal and, subject to further user selection/confirma- 
tion activity, thereafter transferred to a private network. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0013] 

Figure 1 depicts an illustrative case of information 
transactions carried out via a public network such 
as the Internet. 

Figure 2 shows the architecture of a browser as 
would typically be applied for accessing a hyperme- 
dia web page. 

Figure 3 illustrates the primary elements of the 
reconfigurable dual-path method of the invention. 
Figure 4 depicts in flow chart form the basic jump 
capability of the methodology of the invention. 
Figures 5A & 5B (generally designated collectively 
herein as "Figure 5") depict in flow chart form the 
"shopping cart" capability of the methodology of the 
invention. 

Figure 6A & 6B (generally designated collectively 
herein as "Figure 6") depict in flow chart form the 
stored configuration capability of the methodology 
of the invention. 

Figure 7A & 7B (generally designated collectively 
herein as "Figure 7") depict in flow chart form the 
off-line form capability of the methodology of the in- 
vention. 

DETAILED DESCRIPTION 

[0014] For clarity of explanation, the illustrative em- 
bodiment of the present invention is presented as com- 
prising individual functional blocks. The functions these 
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blocks represent may be provided through the use of 
either shared or dedicated hardware, including, but not 
limited to, hardware capable of executing software. 
[0015] Figure 1 depicts an illustrative case of informa- 
tion transactions carried out via the Internet. As seen in 
the figure, an exemplary user obtains access to the In- 
ternet by first connecting, via a Terminal 110 having an 
associated Browser 1 1 1 , to an internet Service Provider 
112 selected by the user. That connection between the 
user and the Internet Service Provider will typically be 
made via the Public Switched Telephone Network 
(PSTN) from a modem associated with the user's Ter- 
minal to a network node in the Internet maintained by 
the selected Internet Service Provider. 
[0016] Once the user has obtained access to the se- 
lected Internet Service Provider, an address is provided 
for connection to another user or other termination site 
and such a connection is made via the Internet to that 
destination location. As can be seen from the figure, 
communication via the Internet may be either user-to- 
user, as from Terminal 110 to Terminal 130, or from a 
user to a node representing an information source ac- 
cessed via the Internet, such as Public Site 120. 
[0017] It will of course be understood that the Internet 
provides service to a large number of users and includes 
a large number of such Public Sites, but the illustration 
provides the essential idea of the communication paths 
established for such Internet communication. It will also 
be understood that a number of service classifications 
are supported by the Internet, with the World Wide Web 
service, which represents a preferred embodiment for 
the public network aspect of the method of the invention, 
being one of the currently most heavily trafficked of such 
services. 

[0018] The Web Browser, such as depicted at 111, 
can be seen as a software application operating in con- 
junction with a user terminal (such as Terminal 110) 
which provides an interface between such a user termi- 
nal and the particular functionality of the WWW informa- 
tion site. The architecture of such a browser is generally 
described in terms of three main components, as illus- 
trated in Figure 2. At the top level is the Browser 201, 
which enables the acquisition of information pages from 
a WWW server (beginning, in all cases, with the "home 
page" for that server), for display at a display device as- 
sociated with the terminal. The Browser also provides 
the necessary interface for the terminal with the HTML 
functionality used by the server to provide access to oth- 
er linked information layers. 

[0019] The second level of the browser architecture 
is the TCP/IP Stack 202, which handles the communi- 
cations protocols used for connecting the terminal to the 
WWW server. The bottom level of this architecture is the 
Dialer 203, which typically handles the function of pro- 
viding dialing and setup digits to a modem, as illustrated 
at 204, such a modem generally being a part of the ter- 
minal. Normally, upon receiving dialing and other setup 
information from the dialer, the modem would cause a 
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connection to be made via the PSTN to the Internet 
Service Provider selected for that terminal. 
[0020] After a connection is established in this man- 
ner to the Internet Service Provider, an address would 
be provided for the WWW information node sought to 
be contacted, a connection to that node made through 
the Internet, and the home page for that node caused 
to be displayed at the terminal's display device. A user 
would then select a key word in that home page, typically 
by clicking on the word with a mouse or similar device, 
and, upon transmission of that selection signal to the 
WWW server, a hyperlink would be created to the linked 
information layer and the open page of that layer would 
be caused to be displayed at the user terminal. 
[0021] As explained above, serious questions have 
been raised in respect to the security of communications 
via the public Internet. (Note, that the discussion herein 
is focused on the Internet, and particularly the WWW 
functionality of the Internet, as a preferred embodiment 
of such public data communication networks generally, 
but the methodology of the invention will be applicable 
to any such network.) To address this problem, the 
methodology of the invention begins with a bifurcation 
of the information transaction between a user and the 
selected information transaction provider into a portion 
related to sensitive or proprietary user information, and 
other information comprising that transaction. With such 
a bifurcation, it becomes possible to provide substantial 
security for that proprietary information by use of an al- 
ternative communications path for that separated por- 
tion of the transaction via a private network, or intranet- 
work - i.e., a connection between a user's terminal and 
a secure serving node on that private network. It is an- 
ticipated that a coordination means will be established 
in respect to the management of information among the 
public and private network elements of the bifurcated 
information transaction. 

[0022] In its basic form, this methodology may be car- 
ried out by the user terminal initiating a call via the In- 
ternet to a selected WWW node, and upon establishing 
connection to that node, proceeding with the desired in- 
formation transaction up to the point where an exchange 
of sensitive or proprietary information were required. At 
that point the user terminal would be instructed by the 
WWW server to terminate that connection (i.e., hangup) 
and to place a new call to an identified private network 
server for the necessary exchange of sensitive informa- 
tion. 

[0023] However, in order to accomplish such a dual- 
path transaction, it is necessary that the browser at the 
user terminal be reconfigured to provide the dialing, au- 
thorization (i.e., login and password), and other needed 
information for accessing the alternative private net- 
work, in order to implement the proprietary portion of the 
transaction. It will also usually be the case that, upon 
completion of that private-network transaction, the orig- 
inal dialer, stack and browser configurations will need to 
be restored, in order for the terminal to retain its normal 



Internet access functionality. Such a reconfiguration and 
subsequent restoral of the necessary parameters in the 
browser, stack and dialer is likely to be well beyond the 
capabilities of the average user. 

5 [0024] Accordingly, as a further embodiment of the in- 
ventive methodology, an automated browser reconfigu- 
ration means is provided which interoperates with the 
browser. This browser reconfiguration means is de- 
scribed in detail hereafter and will be referred to as the 

10 "Bridging Software". 

[0025] Figure 3 provides an illustration of the primary 
elements of the reconfigurable dual-path method of the 
invention. As seen in the figure, a first path comparable 
to the Internet link shown in Figure 1 , between User Ter- 

*5 minal 301 and WWW Serving Node 330 (via Browser 
302, Modem 303, Internet Service Provider 310, and In- 
ternet 320) is provided. However, an alternative path is 
now provided from the output of Modem 303 to Private 
Server 350. That path is illustrated as being via the 

20 PSTN, which is generally regarded as being highly se- 
cure, but an alternative dedicated or other more-secure 
path between the User Terminal 301 and the Private 
Server 350 could as well be provided. In keeping with 
the discussion above, Browser 302 shown in Figure 3 

25 would also include the Bridging Software installed as a 
helper application for implementing the automatic 
reconfiguration of the Browser. 
[0026] In the operation of this system, a user would 
normally make an initial connection to an Internet appli- 

30 cation, such as the application represented by WWW 
Serving Node 330, which, e.g., might be a shopping ap- 
plication, a financial transaction, or the provision of an 
enrollment form for off-line preparation. After conducting 
all, or some portion of an information transaction short 

35 of an exchange of sensitive or proprietary information, 
including a capture by the user's terminal of needed in- 
formation from the public site, a user provides a signal 
indicative of an end to that portion of that transaction. 
During the course of the public portion of the information 

40 transaction, specially configured files are sent from the 
WWW serving node to the Bridging Software associated 
with Browser 302. Such files contain instructions for the 
Bridging Software to store information-like products - 
e.g., for selected items from a catalog, forms for enroll- 

45 ment, or non-secure portions of a financial transaction, 
and reconfiguration information for dialing and logging 
into the private portion of the transaction. The Bridging 
Software then hangs up the Internet connection, edits 
the user terminal's browser, stack and dialer files to 

50 reconfigure the terminal to connect to the private server. 
Prior to automatic redialing of the new private site for 
the user, the Bridging Software may be instructed by the 
application operating at WWW Server Node 330 to dis- 
play items chosen for purchase, or to display a form for 

55 the end-user to complete off-line before dialing the pri- 
vate application. Upon connecting to the private appli- 
cation and completing the transaction as to the user sen- 
sitive information in a private environment, the Bridging 



4 



7 



EP 0 814 589 B1 



8 



Software then restores the end-user software to the di- 
aling and authorization parameters required to dial to 
the public Internet. 

[0027] A particularly advantageous application of the 
automated reconfiguration and information transfer 5 
methodology of the Bridging Software is that it adds val- 
ue to certain WWW servers which do not possess the 
Common Gateway Interface ("CGI") capability - i.e., a 
provision of specialized functions on the server beyond 
just displaying HTML files, and are accordingly unable 
to accomplish any transactional processing in respect 
to items selected by a user. In effect, such a non-CGI 
server, on its own, can only serve as a "billboard" for the 
items represented in its database. 
[0028] However, with the collection and redelivery 
process of the Bridging Software, a data capture and 
processing mechanism can be implemented for servers 
operating in a non-CGI environment - such servers be- 
ing incapable of more than the simple delivery of static 
data packets corresponding to available items. The data 
set enabled by the Bridging Software is a mechanism 
for augmenting such limited server capabilities by defin- 
ing a flexible mechanism for the receipt, display, and de- 
livery of arbitrary data from one site to another. 
[0029] In such a scenario, the Bridging Software re- 
ceives a "shopping cart" item list from the host as a data- 
set defined with a static MIME data packet associated 
with the Bridging Software. This information comprising 
the data-set may be updated, displayed to the user in a 
"read-only" fashion, or presented to the user for order 
selection. 

[0030] During the process of interacting with the 
WWW server, a user may trigger HTML links resulting 
in additional MIME packets for the Bridging Software be- 
ing delivered to the client. These packets allow items to 
be added and/or removed from the specified data set or 
presented to the user for local confirmation. The user 
will interact with a pop-up screen provided by the Bridg- 
ing Software which presents the items available with 
product information, such as part number, description, 
unit cost, etc. The user identifies those items which are 
to be placed into the "shopping cart" and the quantity of 
items desired. Upon completion of the form, the Bridging 
Software stores the order in a format suitable for sub- 
sequent delivery to the private server site. 
[0031] An additional feature provided by the method- 
ology of the Bridging Software is an automated mecha- 
nism for providing compatibility with user terminals not 
previously having the Bridging Software included with 
the terminal's browser. To that end, the Bridging Soft- 
ware located at an accessed public network site initially 
checks to see if the browser counterpart for that soft- 
ware is loaded at the calling user terminal. If yes, the 
heretofore described processes of the Bridging Soft- 
ware go forward. If not however, a request is sent 
through the public host to download the Bridging Soft- 
ware to the calling terminal. After such a download, a 
helper application loads the Bridging Software to the ter- 



minal's browser. 

I. Illustrative Embodiments 

[0032] A variety of browser reconfiguration applica- 
tions are supported by the automated browser reconfig- 
uration means of the invention. Four essentially diverse 
capabilities of this invention, which support such appli- 
cations, are described hereafter as illustrative embodi- 
ments of the invention. 

A. Basic Jump Capabilities 

[0033] In this configuration, which is illustrated in flow 
chart form in Figure 4, an end-user is connected to a 
chosen WWW serving node (where a desired informa- 
tion product is made available) via a modem and an In- 
ternet browser associated with the user's terminal (Step 
401 of Figure 4). After conducting an information trans- 
action with the selected WWW serving node for some 
interval (determined in relation to the specific application 
accessed), the user clicks on a hypertext link, or picture, 
to begin an automated process which will cause that 
public session to be terminated and a new connection 
established to an alternate private data network (Step 
402). 

[0034] In response to that user action, a data mes- 
sage containing parameter reconfiguration instructions 
is passed from the WWW server application to the Bridg- 
ing Software at the user's terminal (Step 403). Upon re- 
ceiving such instructions, the Bridging Software edits 
the user's on-line communications software parame- 
ters, reconfiguring that software to dial the alternate data 
network (Step 404). This reconfiguration is fully auto- 
matic and transparent to the user, and includes param- 
eters such as modem dial number, login, password, and 
TCP/IP addresses. At that point, the Bridging Software 
causes the modem to disconnect the current data net- 
work connection, shutting down the browser, and to then 
dial the alternate private data network (Step 405). 
[0035] With the establishment of a connection to the 
private server on the alternate data network, the user 
interacts with the alternate data network application as 
appropriate (Step 406), and after an interval completes 
his* activity with the alternate data network and provides 
an indication of such completion (Step 407). A data 
message containing parameter reconfiguration instruc- 
tions is then passed from the alternate data network ap- 
plication to the Bridging Software (Step 408). 
[0036] At that point, the Bridging Software again edits 
the user's on-line communications software parame- 
ters, reconfiguring them to dial the original public data 
network, or another preselected network (Step 409). As 
with the first reconfiguration, this configuration is auto- 
matic and includes parameters such as modem dial 
number, login, password, and TCP/IP addresses. The 
Bridging Software automatically causes the current pri- 
vate data network to be disconnected by the modem 
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(Step 410), and if appropriate, causes the original public 
data network to be redialed (Step 411). When such a 
reconnection to the public data network is established, 
the end-user would then continue his application in the 
public data network. 

B. "Shopping Cart" Capability 

[0037] With this configuration, illustrated in flow chart 
form in Figure 5, a user begins by establishing a con- 
nection to a WWW application (assuming for the mo- 
ment that the application is non-CGI enabled) at a serv- 
ing node for that application, using the Internet browser 
and modem associated with the user's terminal (Step 
501 of Figure 5). Upon finding an item in that application 
to be saved, or remembered for later consideration, or 
purchase, the user clicks on a hyper-text link, or picture, 
representing that item (Step 502). That application then 
sends a data message to the Bridging Software contain- 
ing information about the items selected (Step 503) and 
such information is stored by the Bridging Software in 
the "shopping cart" file in the user's terminal (Step 504). 
Such selection, download and storage steps (i.e., steps 
502, 503 & 504) are repeated for as many items as the 
user chooses to select. At any point after the Bridging 
Software has received the first set of item selection in- 
formation, the user can instruct the Bridging Software to 
cause those selected items about which such informa- 
tion has been received to be displayed locally (at the 
user's terminal), where the user may review or edit (in- 
cluding deletion if desired) the collection of items there- 
tofore selected. The application may also control display 
characteristics such as color and font for such locally 
displayed items. Note that in the case of a CGI-enabled 
application, the application itself will keep track of the 
items selected by the user and only download the totality 
of the selected items at the end of the selection process, 
and accordingly, the described local display option will 
not be applicable to such a CGI-enabled application. 
[0038] At the point of completion of his shopping, the 
user clicks on a hypertext link or picture to "check out" 
(Step 505), which will begin a process of causing a jump 
to an alternate data network for the completion of sen- 
sitive portions of the transaction. To that end, a data 
message containing parameter reconfiguration instruc- 
tions is passed from the WWW application to the Bridg- 
ing Software (Step 506). It is to be noted that, as a se- 
curity measure, information such as the new dial 
number, IP address, home page, configuration data (e. 
g., login, password, DNS address) may be passed over 
the public network in encrypted form. 
[0039] Upon receiving such reconfiguration instruc- 
tions, the Bridging Software edits the user's on-line com- 
munications software parameters, reconfiguring that 
software to dial the alternate data network (Step 507). 
This reconfiguration is fully automatic and transparent 
to the user, and includes parameters such as modem 
dial number, login, password, and TCP/IP addresses. 



At that point, the Bridging Software causes the modem 
to disconnect the current data network connection, shut- 
ting down the browser, and to then dial the alternate data 
network (Step 508). 
5 [0040] The Bridging Software passes the stored 
"shopping cart" data captured from the WWW applica- 
tion to the alternate network application (Step 509), 
where that data may be displayed for the user, permit- 
ting the user to confirm and/or modify the data (Step 

510) . The user interacts with the alternate data network 
application as appropriate, and after an interval com- 
pletes his activity with the alternate data network (Step 

511) and thus, by providing an appropriate completion 
signal to the application, completing the private portion 
of the information transaction (Step 512). A data mes- 
sage containing parameter reconfiguration instructions 
is then passed from the alternate data network applica- 
tion to the Bridging Software (Step 513). 
[0041] The Bridging Software, at this point, again ed- 
its the user's on-line communications software param- 
eters, reconfiguring them to dial the original (or another 
pre-defined) data network (Step 514). As with the first 
reconfiguration, this configuration is automatic and in- 
cludes parameters such as modem dial number, login, 
password, and TCP/IP addresses. The Bridging Soft- 
ware automatically causes the current private data net- 
work to be disconnected by the modem (Step 51 5), and 
if appropriate, causes the original public data network 
to be redialed (Step 516). When such a reconnection is 
established to the point in the public data network where 
the user had left off to handle the secured aspects of his 
information transaction, the user would then continue 
his application in the public data network. 

C. Stored Configuration Capabilities 

[0042] For this configuration, depicted in flow chart 
form in Figure 6, an end-user is connected to a chosen 
WWW serving node (where a desired information prod- 
uct is made available) via a modem and an Internet 
browser associated with the user's terminal (Step 601 
of Figure 6). The user selects a hypertext link or picture 
associated with the WWW application by clicking on 
such link or picture (Step 602). A data message con- 
taining parameter reconfiguration instructions and an 
application icon (related to the selected hypertext link or 
picture) is passed from the WWW application to the 
Bridging Software (Step 603). 

[0043] The Bridging Software creates an icon for dis- 
play at the user's terminal, and saves a Bridging Soft- 
ware configuration file that is associated with that icon 
(Step 604). Such Bridging Software actions are auto- 
matic and multiple selections may be captured in this 
manner. At this point the user may continue the on-line 
session, or, if all desired selections have been made, a 
signal is provided from the user that the session should 
be discontinued (Step 605). The Bridging Software then 
automatically disconnects the current data network con- 



15 



20 



25 



30 



35 



40 



45 



50 



6 



11 



EP 0 814 589 B1 



12 



nection (Step 606). 

[0044] After disconnecting from the WWW applica- 
tion, and following an interval determined by the user, a 
new application is selected by the user by clicking on 
the appropriate new icon displayed at the user's terminal 5 
(Step 607). The Bridging Software receives the recon- 
figuration instructions from the file associated with the 
selected icon (Step 608). 

[0045] The Bridging Software edits the user's on-line 
communications software parameters, reconfiguring 
that software to dial the alternate data network (Step 
609). The Bridging Software then automatically starts 
the user's Internet browser software and causes the al- 
ternate network application to be dialed by the modem 
associated with that terminal (Step 610). Upon estab- 
lishing a connection to the alternate network, the user 
interacts with that application and completes the trans- 
action to the user's satisfaction (Step 611). After a signal 
is sent to the alternate network indicating such comple- 
tion of the user's activity (Step 612), a data message 
containing parameter reconfiguration instructions is 
passed from the alternate data network application to 
the Bridging Software (Step 613). That Software then 
causes the user's terminal configuration parameters to 
be reset (Step 614) and the alternate data network to 
be automatically disconnected (Step 615). 

D. Off-Line Form Capability 

[0046] In this configuration, depicted in flow chart form 
in Figure 7, an end-user is connected to a chosen WWW 
serving node (where a desired information product is 
made available) via a modem and an Internet browser 
associated with the user's terminal (Step 701 of Figure 
7). The user selects a hypertext link or picture associat- 
ed with an off-line form application - an exemplary such 
form being an HTML-based form - by clicking on such 
link or picture (Step 702). A data message containing 
parameter reconfiguration instructions for the Bridging 
Software, the selected off-line-form application, and an 
optional icon (related to the selected hypertext link or 
picture) is passed from the WWW application to the 
Bridging Software (Step 703). Note that the selected off- 
line form may be for either single or multiple use. 
[0047] In the case of a delayed or multiple use of the 
selected form, the Bridging Software may create an icon 
for display at the user's terminal, and will save a Bridging 
Software configuration file that is associated with that 
icon (Step 704). The form in question is also saved on 
the user's terminal. Such Bridging Software actions are 
automatic. At this point the user may continue the on- 
line session, or, if all desired selections have been 
made, a signal is provided from the user that the session 
should be discontinued (Step 705). The Bridging Soft- 
ware then automatically disconnects the current data 
network connection (Step 706). 
[0048] After disconnecting from the WWW applica- 
tion, two cases are to be considered as to the further 



processing of the selected form: (1 ) an immediate single 
use of the form and (2) either a delayed or multiple use 
of the form. In the first case, the Bridging Software edits 
the user's on-line communications software parame- 
ters, reconfiguring that software to dial the alternate data 
network. The Bridging Software then automatically 
starts the user's Internet browser software which is 
caused to display the off-line form. The user then com- 
pletes the off-line form and chooses a "Submit Form" 
button displayed at his terminal. 
[0049] In the second case, the Bridging Software will 
have created an icon for display at the user's terminal 
and saved a Bridging Software configuration file asso- 
ciated with that icon. Following an interval determined 
by the user, the off-line-form application is started by the 
user by clicking on the new form icon displayed at the 
user's terminal (Step 707). The Bridging Software re- 
ceives the reconfiguration instructions from the file as- 
sociated with the selected icon (Step 708). 
[0050] The Bridging Software edits the user's on-line 
communications software parameters, reconfiguring 
that software to dial the alternate data network (Step 
709). The Bridging Software then automatically starts 
the user's Internet browser software which is caused to 
display the off-line form (Step 710). The user then com- 
pletes the off-line form and chooses a "Submit Form" 
button displayed at his terminal (Step 711). 
[0051] In either the first or second case, following ac- 
tivation of the "Submit Form" button, the alternate net- 
work application is then caused to be dialed by the 
Bridging Software. Upon establishing a connection to 
the alternate network, the form data is passed to the al- 
ternate network (Step 712). The user then interacts with 
that application and completes the application (Step 
713). After a signal is sent to the alternate network indi- 
cating such completion of the user's activity (Step 714), 
a data message containing parameter reconfiguration 
instructions is passed from the alternate data network 
application to the Bridging Software (Step 715). That 
Software then causes the user's terminal configuration 
parameters to be reset (Step 716) and the alternate data 
network to be automatically disconnected (Step 717). 

CONCLUSION 

[0052] A system and method has been described for 
the automatic switching of an information transaction 
between two or more alternate networks. This function- 
ality, which incorporates a reconfiguration means des- 
ignated herein as the Bridging Software, supports the 
movement of application specific data from one on-line 
environment to another. Among potential applications of 
this process for passing data between different environ- 
ments are: selected items for purchase ("shopping 
cart"), captured data from forms, and other server cap- 
tured data such as web pages visited. 
[0053] The Bridging Software reconfiguration means 
is intended to work with various Web Browser software 
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implementations, including the Netscape Personal Edi- 
tion (NPE) Software for Windows 3.1 and 3.11, and 
which represents a working embodiment for the inven- 
tion. The Bridging Software installs itself as a helper ap- 
plication within the browser application and utilizes a 
special MIME type configuration file to pass reconfigu- 
ration and "shopping cart information from the server to 
the client software. 

[0054] When an application requires a user to re-con- 
nect to a private application, a reconfiguration file is 
passed to the Bridging Software helper application via 
a CGI script or simple hyper-text link. The helper appli- 
cation disconnects the current data connection, recon- 
figures the dial parameters (dial #, login password, DNS 
address, and home page) and initiates the dial program 
so the end-user can access the private application. 
[0055] When the end-user connects to the private ap- 
plication, the Bridging Software reconfiguration means 
provides the new "private server" application with data 
collected from the "public server", and the application 
resumes in a private, secure environment. 
[0056] The Bridging Software allows both short term 
and long term storage of dial configurations. Configura- 
tions passed to the Bridging Software can be designated 
as single use configurations and discarded after the ap- 
plication has terminated, or saved and displayed to the 
end-user as a dial choice by the Bridging Software. 
[0057] It is noted that, while the invention has been 
primarily described in terms of a preferred embodiment 
based on an automatic reconfiguration between a public 
and a private data network, any the methodology of the 
invention will be equally applicable to any set of alter- 
nate networks. 



Claims 

1 . A method for managing a transaction via a commu- 
nications path between a terminal device (303) and 
a first serving node (330) in a first data network 
(320), said method comprising the steps of: 

establishing an initial communications path via 
a first connection between said terminal device 
(303) and said first serving node (330) in said 
first data network (320); 

receiving, at said terminal device (303), infor- 
mation from said first serving node (330) in said 
first data network (320) for effecting a browser 
reconfiguration in said terminal device (303) 
comprising editing the terminal device's brows- 
er, TCP/IP-stack and dialer files for a reconfig- 
uration of said communications path for said 
transaction from said first connection in said 
first data network (320) to a second connection 
in a second data network (340); and 



automatically connecting said terminal device 
(340) to a second serving node (350) in said 
second data network (340) via said second 
connection, and 

5 

automatically disconnecting said first connec- 
tion prior to implementation of said second con- 
nection. 

10 2. The method for managing a transaction of claim 1 , 
including the further step of: 

recognizing a signal to reconfigure said com- 
munications path from said first connection to 
15 said second connection. 

3. The method for managing a transaction of claim 1 , 
including the further steps of: 

20 automatically disconnecting said second con- 

nection in response to a user signal; and 

reconfiguring said terminal device (303) to en- 
able, in response to user instructions, an imple- 
25 mentation of a connection via an identified data 

network. 

4. The method for managing a transaction of claim 3, 
wherein said step of automatically reconfiguring 

30 said terminal device (303) includes the step of ef- 
fecting said implementation of said connection via 
said identified data network. 

5. A method for managing a transaction according to 
35 claim 1 , comprising the steps of: 

bifurcating said transaction into a first portion 
of transaction comprising certain data and a re- 
maining portion of transaction, wherein said re- 
*o maining portion is carried out via a public on- 

line communications connection forming said 
first connection between said terminal device 
(303) and a public information server forming 
said first serving node (330); 

45 

causing said first portion of transaction to be 
carried out via a secure private on-line commu- 
nications connection forming said second con- 
nection between said terminal device (303) and 
50 a private information server (350), forming said 

second serving node (350); and 

automatically reconfiguring network access 
means in said terminal device (303) to switch 
55 between said public connection and said pri- 

vate connection. 
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Patentanspruche 

1. Verfahren zur Handhabung einer Transaktion zwi- 
schen einem Terminalgerat (303) und einem ersten 
Serverknotenpunkt (330) Ober einen Kommunikati- 
onsweg in einem ersten Datennetzwerk (320), wo- 
bei das Verfahren folgende Schritte aufweist: 

Einrichten eines anfanglichen Kommunikati- 
onsweges Gber eine erste Verbindung zwi- 
schen dem genannten Terminalgerat (303) und 
dem genannten ersten Serverknotenpunkt 
(330) in dem genannten ersten Datennetzwerk 
(320); 

Empfangen von Information von dem ersten 
Serverknotenpunkt (330) in dem ersten Daten- 
netzwerk (320) an dem Terminalgerat (303) 
zum Bewirken einer Browserrekonfiguration in 
dem genannten Terminalgerat (303) unter Be- 
arbeitung des Browsers der Terminalgerates, 
des TCP/IP-Dateistapels und der WShlerdatei- 
en fur eine Rekonfigu ration des genannten 
Kommunikationsweges fOr die Transaktion von 
der genannten ersten Verbindung in dem ge- 
nannten ersten Datennetzwerk (320) zu einer 
zweiten Verbindung in einem zweiten Daten- 
netzwerk (340); und 

automatisches Verbinden des genannten Ter- 
minalgerats (340) zu einem zweiten Serverkno- 
tenpunkt (350) in dem genannten zweiten Da- 
tennetzwerk (340) uber die genannte zweite 
Verbindung, sowie 

automatisches Trennen der ersten Verbindung 
vor einer Herstellung der genannten zweiten 
Verbindung. 

2. Verfahren zur Handhabung einer Transaktion nach 
Anspruch 1 , mit dem weiteren Schritt des Erken- 
nens eines Signals zur Rekonfiguration des ge- 
nannten Kommunikationsweges von der ersten 
Verbindung zu der zweiten Verbindung. 

3. Verfahren zur Handhabung einer Transaktion nach 
Anspruch 1 , mit dem weiteren Schritt des automa- 
tischen Trennens der genannten zweiten Verbin- 
dung in AbhSngigkeit von einem Benutzersignal; 
und 

Rekonfigurieren des Terminalgerates (303) zum 
Herstellen einer Verbindung uber ein bezeichnetes 
Datennetzwerk in Abhangigkeit von Benutzerin- 
struktionen. 

4. Verfahren zur Handhabung einer Transaktion nach 
Anspruch 3, wobei der Schritt des automatischen 
Rekonfigurierens des Terminalgerates (303) den 



Schritt der Durchfuhrung des Hersteilens der ge- 
nannten Verbindung uber das genannte bezeichne- 
te Datennetzwerk umfa&t. 

5 5. Verfahren zum Handhaben einer Transaktion ge- 
maB Anspruch 1 , welches folgende Schritte enthait: 

Verzweigen der Transaktion in einen ersten 
Transaktionsteil, welcherbestimmte Daten um- 
faBt, und einen verbleibenden Transaktionsteil, 
wobei der verbleibende Transaktionsteil uber 
eine die genannte erste Verbindung bildende 
Sffentliche Online-Kommunikationsverbindung 
zwischen dem genannten Terminalgerat (303) 
und einem den genannten ersten Serverkno- 
tenpunkt (330) bildenden Sffentlichen Informa- 
tionsserver durchgefuhrt wird; 

Veranlassen einer Durchfuhrung des ersten 
Transaktionsteiles uber eine die genannte 
zweite Verbindung bildende sichere private On- 
line-Kommunikationsverbindung zwischen 
dem genannten Terminalgerat (303) und einem 
den genannten zweiten Serverknotenpunkt 
(350) bildenden privaten Informationsserver 
(350); und 

automatisches Rekonfigurieren von Netzwerk- 
zugangsmitteln in dem Terminalgerat (303) zur 
Umschaltung zwischen der genannten dffentli- 
chen Verbindung und der genannten privaten 
Verbindung. 



35 Revendications 

1. Proc6d6 de gestion d'une transaction via une voie 
de transmission entre un dispositif de terminal (303) 
et un premier noeud esclave (330) dans un premier 
40 reseau de donn§es (320), ledit proc6de compre- 
nant les stapes consistant a : 

etabiir une voie de transmission initiate via une 
premiere connexion entre ledit dispositif de ter- 
45 minal (303) et ledit premier noeud esclave 

(330) dans ledit premier r6seau de donnSes 
(320) ; 

recevoir, au niveau dudit dispositif de terminal 
(303), des informations depuis ledit premier 

50 noeud esclave (330) dans ledit premier r6seau 

de donn^es (320) pour effectuer une reconfigu- 
ration du navigateur dans ledit dispositif de ter- 
minal (303), comprenant I'edition des fichiers 
de la pile TCP/IP et du dialer du navigateur du 

55 dispositif de terminal, pour une reconfiguration 

de ladite voie de transmission pour ladite tran- 
saction depuis ladite premiere connexion dans 
ledit premier r6seau de donndes (320) vers une 
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seconde connexion dans un second r6seau de 
donn6es (340) ; et 

connecter automatiquement (edit dispositif de 
terminal (303) d un second noeud esclave 
(350) dans (edit second r6seau de donn6es 5 
(340) via ladite seconde connexion, et 
dgconnecter automatiquement ladite premiere 
connexion avant la mise en place de ladite se- 
conde connexion. 

10 

2. Proc6d6 de gestion d'une transaction selon la re- 
vendication 1, comprenant I'etape supptementaire 
consistant d : 

identifier un signal pour reconfigurer ladite voie 1$ 
de transmission depuis ladite premiere con- 
nexion vers ladite seconde connexion. 

3. Proc6d6 de gestion d'une transaction selon la re- 
vendication 1 , comprenant les 6tapes supptemen- 20 
taires consistant d : 

d6connecter automatiquement ladite seconde 
connexion en r§ponse d un signal utilisateur ; et 
reconfigurer ledit dispositif de terminal (303) 25 
pour permettre, en reponse d des instructions 
utilisateur, une mise en place d'une connexion 
via un r£seau de donnges identify. 

4. Proc6d6 de gestion d'une transaction selon la re- 30 
vendication 3, dans lequel ladite 6tape de reconfi- 
guration automatique dudit dispositif de terminal 
(303) comprend l'§tape consistant d effectuer ladite 
mise en place de ladite connexion via ledit r6seau 

.de donn6es identifte. 35 

5. Proc6d6 de gestion d'une transaction selon la re- 
vendication 1 , comprenant les etapes consistant d : 

faire bifurquer ladite transaction dans une pre- *o 
mfere partie de transaction comprenant certai- 
nes donn6es et une partie de transaction res- 
tante, dans lequel ladite partie restante est ef- 
fectuSe via une connexion de communication 
en ligne publique formant ladite premi&re con- 
nexion entre ledit dispositif de terminal (303) et 
un serveur d'information public formant ledit 
premier noeud esclave (330) ; et 
faire en sorte que ladite premiere partie de tran- 
saction soit effectu6e via une connexion de so 
communication en ligne priv6e $6curis6e for- 
mant ladite seconde connexion entre ledit dis- 
positif de terminal (303) et un serveur d'infor- 
mation priv6 (350) formant ledit second noeud 
esclave (350) ; et 55 
reconfigurer automatiquement les moyens 
d'acc6s au r6seau dans ledit dispositif de ter- 
minal (303) pour commuter entre ladite con- 



nexion publique et ladite connexion privGe. 
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